CVE-2023-27826
Published: 12 April 2023
Summary
CVE-2023-27826 is a high-severity OS Command Injection (CWE-78) vulnerability in Seowonintech Swc-5100W Firmware. Its CVSS base score is 8.8 (High).
Operationally, it is ranked in the top 4.8% of CVEs by exploit likelihood, it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
Deeper analysis
SeowonIntech SWC 5100W WIMAX Bootloader version 1.18.19.0 with hardware 0.0.7.0 and firmware 1.11.0.1 or 1.9.9.4 contains an OS command injection vulnerability tracked as CVE-2023-27826. The flaw stems from improper handling within the doSystem() function and is classified under CWE-78, enabling unauthenticated or low-privileged remote attackers to execute arbitrary operating system commands. It carries a CVSS 3.1 score of 8.8, reflecting a network attack vector, low complexity, and full confidentiality, integrity, and availability impact.
An attacker with network access and valid low-privileged credentials can supply crafted input that abuses doSystem() to run commands as root, resulting in complete system takeover. Public exploit code has been posted to Exploit-DB and Pastebin, confirming the issue is reproducible against the listed bootloader and firmware revisions.
The EPSS score for this CVE rose from a low baseline to a recorded peak of 0.2351 with a current value of 0.1730, indicating measurable post-disclosure exploitation interest. No vendor advisory or patch information appears in the referenced materials, which consist primarily of device manuals and exploit artifacts.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-31562
Vulnerability details
SeowonIntech SWC 5100W WIMAX Bootloader 1.18.19.0, HW 0.0.7.0, and FW 1.11.0.1, 1.9.9.4 are vulnerable to OS Command Injection, which allows attackers to take over the system with root privilege by abusing the doSystem() function.
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Mitigating Controls
Likely Mitigating Controls (AI)
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.